Arbitrary OS Command Execution in IBM Rational Quality Manager and Rational Collaborative Lifecycle Management

CVE-2016-0326 · MEDIUM

CVE-2016-0326

IBM Rational Quality Manager (RQM) and Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.x before 4.0.7 iFix11, 5.x before 5.0.2 iFix17, and 6.x before 6.0.1 ifix3 allow remote authenticated users to execute arbitrary OS commands via a crafted "HTML request."

Learn more about our Code Quality Review.